Playbook Objectives

• To understand and prepare for the potential threats posed by quantum computing to current cryptographic standards.
• To identify vulnerabilities in the company’s cryptographic systems when faced with quantum computing attacks.
• To update and implement quantum-resistant cryptographic algorithms to safeguard sensitive data.
• To enhance the incident response plan with a focus on quantum-based cryptographic breaches.
• To train the cybersecurity team in recognizing and defending against advanced quantum-based attacks.

Difficulty Level

• Advanced: This exercise is designed for an organization with an existing proficient cybersecurity team familiar with conventional cryptographic protocols and seeking to tackle the next generation of security challenges.

Scenario

• GlobalTech Partners, a leading financial services provider, secures its communication with clients using the standard RSA encryption mechanism. The security team consists of 20 seasoned cyber defense professionals led by Chief Security Officer Dr. Susan Cho.
• The company’s network includes multiple levels of firewalls, intrusion detection systems (IDS), and encryption at both the data transfer and storage phases, protecting assets over a vast network of 10,000+ terminals worldwide.
• Pseudonym Corporation, a rival firm, has recently invested heavily in a quantum computing project, sparking rumors in the cybersecurity community that they might be able to crack existing cryptographic algorithms much faster than previously anticipated.
• GlobalTech Partners now faces the possibility that their sensitive financial data could be compromised if an actor, such as Pseudonym Corporation or another, were to leverage quantum computing to break the encryption.
• To stay ahead, GlobalTech decides to simulate a quantum attack on their cryptography in a cyber range environment. The goal is to assess the current security posture and determine the resilience of their cryptographic measures against quantum computing techniques.
• The ultimate purpose is to find and address weaknesses, thereby strengthening the company’s defenses using quantum-resistant cryptography.

Category

• Cryptography / Quantum Computing

Exercise Attack Steps

• Asset Identification: List all critical assets and cryptographic systems currently in place: RSA key servers, databases with encrypted data, client communication channels, etc.
• Attack Vector Analysis: Enumerate potential quantum-based attack vectors: quantum algorithms like Shor’s algorithm and Grover’s algorithm targeting encryption and hashing.
• Simulation Environment Setup: Configure a virtual network in the cyber range that mirrors the live environment of GlobalTech’s network, complete with quantum-processing capabilities.
• Quantum Attack Launch: Execute a simulated quantum-based attack to attempt to decrypt sensitive data or crack authentication mechanisms protected by current cryptographic standards.
• Defense Mechanisms Review: Assess the effective lifespan of the cryptographic algorithms under quantum conditions and evaluate the possible implementation of post-quantum cryptographic algorithms.
• Detection and Response: Activate IDS and other monitoring tools to detect the simulated attack, initiating incident response protocols and measuring effectiveness.
• Key Recovery and System Restoration: Demonstrate the effectiveness of quantum-resistant cryptography by requiring teams to recover compromised systems using post-quantum algorithms.
• After Action Reporting: Compile and analyze all data gathered to create comprehensive reports detailing the team’s response, pinpointing weak areas, and recommending improvements to the cryptographic architecture.
• Policy and Procedure Update: Revise current cybersecurity policies and procedures based on the exercise findings and ensure the inclusion of quantum-risk mitigation strategies.
• Training and Awareness Program: Establish regular training modules and update the security awareness program to include the threat of quantum computing on cryptography.